Free Load Balancer Virtual Appliance

Last year I shared a free load balancer virtual appliance for VMware View that I created on SuSE Studio. The load balancer uses HAProxy and came with a very basic configuration for use with VMware Horizon View Connection Servers or Security Servers. The appliance has been downloaded a few hundred times and has been useful to me in my own home lab.
Since publishing the appliance I have made several changes to the configuration and thought I would share those updates.

You can download the latest version of the appliance in OVF format here: http://susestudio.com/a/R42GDM/vmtoday-vmware-view-load-balancer.
Instructions for setting up and configuring the appliance are on the original post here: http://vmtoday.com/2012/09/free-vmware-view-load-balancer-using-suse-studio-and-haproxy/.
I’ve been asked whether or not this is appropriate for production use; that’s a hard one to answer.

My intent was to provide a simple way to set up load balancing for test/pilot environments. Here are some thoughts on running this for production/internet facing use:
HAProxy is stable and used by many organizations (Reddit, Instagram, Egnyte, RedHat OpenShift, Twitter).
I am not a linux guy and as such have not done anything to harden this virtual appliance other than enable the firewall, but a good *nix admin could probably tighten it up a bit.

This is a single point of failure unless you create a second instance and use something like keepalived and maybe mercurial to keep configs in sync.
No commercial support for my build. I’ll do what I can to help if you ask nicely, but I do have a day job and family.
Logging is not very robust in my build – you would probably want to implement Logwatch, syslog or another mechanism to monitor it.

I’ll leave it up to you to weigh the pros and cons of running my appliance in an internet facing role or in production.
I’ve also been asked if this appliance can support SSL offloading. The short answer is no. The long answer is that HAProxy 1.5 (still in development) will offer SSL Offloading, SSL health checks, ACLs and a bunch of other features. I have also heard of people using Pound with HAProxy to handle SSL offloading, but have not done it myself.

I’m working on a couple articles that describe architectures and options for Horizon View Security Servers and Connection Servers with load balancers and DMZs. You may find that SSL offloading for VMware Horizon View is not a requirement (at least for those who are using this appliance in a test environment).
Change Log (as of 0.2.16 of the appliance)
Updated HAProxy to 1.4.24-1 as the older version had some vulnerabilities (CVE-2013-2175).

I built the RPM from source for this version as it was not in any public repositories for SLES 11. Previous versions of my appliance used HAProxy version 1.4.21-3.1.
Cleaned up some of the extraneous packages and old repositories for a leaner build.
Updated VMware Tools to the latest version.
Updated the HAProxy config to:
Establish a proper frontend / backend configuration – this will help with the web based admin interface to enable/disable Connection / Security servers during maintenance windows.

Removed session stickyness – not working well and really not needed
Switched to source-based balancing instead of round robin as some folks reported problems
Added some comments to help with configuration.
Here’s the updated configuration for anyone who is rolling their own HAproxy:
### VMware Horizon View LoadBalancer vApp### HAproxy config by Josh Townsend### Visit http://vmtoday.com for more info
globallog 127.

... #backend view_pcoip # mode tcp # option tcplog # balance roundrobin #--------------------------------------------------------------------- #Next line sticks clients that enter through https-backend to same server for PCoIP. #Session sticking doesn't quite work the way I want, and View is flexible to let me #define a PCoIP Secure Gateway without having to pass thru my load balancer, so #I'll just comment this out and ignore until (if?) I get HAproxy 1.

One final note – when you import the OVF into vSphere, you may get a warning stating that “The specified operating system identifier “(id:83)” is not supported on the selected host.” I’m not sure why, but this is easily fixed. Don’t power up the VM on import. After the import is completed, edit the settings of your VM. On the Options tab, click General Options, then change the Linux Version to SuSE Linux Enterprise 11 (64-bit).

Power up your VM and everything should be just fine.
Special thanks to Mark K for some suggestions for improving the configuration. Let me know if you have any problems, questions, or suggestions for improvement. Also feel free to leave a comment below to let me know of some creative ways you are using this appliance.
Share this:
Like this:
Like Loading...

An equipment is one of the largest investments you will ever make. Appliances are generally hefty purchases, and are just one on the most crucial areas of your private home. You depend on appliances for almost everything from cooking to cleaning, and especially looking at the amount of funds you are going to be putting forth for it, it only makes sense that you d need to you should definitely take advantage of smart obtain.

Property appliances is really a term that is made use of quite commonly today but what does it stand for? Household appliances stand to the mechanical and electrical items which might be made use of in your own home to the working of the typical house.

We understand that companies and developers have a wide range of free load balancing options, from small projects on SourceForge to open source products with widespread implementation such as HAProxy. We also know that even though the software may be free, there may be significant costs, not just in time and effort to deploy, but also in the ongoing maintenance and management of a solution. A cheap load balancer now may end up costing you more in the long term.

That’s why our Free LoadMaster includes all the security and application delivery updates that we release for our commercial products.
LoadMaster is an integrated application delivery solution that takes a complete view of not just the load balancing services, but also the underlying operating system. This tight integration and holistic view of load balancing security and performance removes the need for you to build a hardened OS to host your Linux load balancer.

LoadMaster makes load balancing simple to deploy and removes the risk of misconfiguration.
Free Load Balancer Choices
KEMP Technologies is now bringing our best-in class technology and processes to a free load balancer offering.
There are a significant number of free load balancer options available. Choices include Sourceforge projects such as HAProxy XLB, ZEN, Octopus and LNLB, although some of these seem to have been abandoned with no activity for a number of years.

Several Open Source load balancer projects have been commercialized, but some growing pains are still visible with incident limited support plans or plans that only offer pre-arranged support calls.
As a long standing vendor in the application load balancing market, KEMP’s LoadMaster is valued by a worldwide customer base of over 25,000 and used in a wide range of scenarios for both custom and packaged applications.

This strong heritage and broad functionality footprint transfers to the Free LoadMaster as well. It is built on the same codebase and includes the same deployment templates and tools integration that comes standard with all paid versions.
If you want a simple and full-featured load balancer, then the Free LoadMaster is for you. It comes as a totally integrated appliance so there is no need to build an underlying operating system.

While this may seem trivial, having a pre-built appliance ensures optimal use of your hardware and the ultimate security for your load balancer. If your focus is on application platforms such as JBoss or node.js, then you probably do not have the time or inclination to start building an open source load balancing environment from scratch.
KEMP Free LoadMaster
Other Free and Open Source Load Balancers
Performance
Optimized virtual appliance with tightly integrated operating system and load balancing services gives best possible performance across hardware platforms.

Loose coupling between OS and load balancing application. Underlying OS needs to be optimized to get best performance from hardware.
Workloads Supported
Any workload that is currently supported by a paid LoadMaster version. Supports Layer 4 to Layer 7.
Variable. Some load balancers only support HTTP/HTTPS workloads.
Security
Designed as a single secure appliance that implements security best practices by default.

Often a single developer or a loose community of developers.
Quality Control
Free product is subject to same QA process as paid product; automated testing using industry-leading test automation toolsets.
Variable
Documentation
Same high-quality documentation applies to Free LoadMaster as other products in LoadMaster family; dedicated documentation team.
Can be ad-hoc and out of sync with code base.

Everyday the majority of us use appliances as it is already considered essential in your own home. Appliances might be created to perform on the specific function it consists of but breaking lower over time is inevitable especially if it’s over used or misused.